Accessing Databases in a Sandboxed Solution

Sandboxed Solution is a cool feature of SharePoint 2010, but as all of us know, not everything can be done with the Sandboxed Solution. For security consideration, Sandboxed Solution has its own CAS to restrict the call to some SharePoint APIs as well as some sensitive resources like network connections, local disk IOs etc. Of course we can modify the oob CAS, but it is definitely not a recommended way.

So what should we do if we want to access these resources in our sandboxed solutions? The answer is the full trust proxy. We can create a full trust proxy and register it in SharePoint 2010. Then we will be able to do what we want in the sandboxed solution by calling this proxy. The following is an example that I created in order to accessing SQL database in my sandboxed solution.

Creating a full trust proxy

Usually, a full trust proxy consists of two classes, a proxy operation class derives from SPProxyOperation and a corresponding arguments class derives from SPProxyOperationArgs.

In VS 2010, create a Class Library project, and add a reference to SharePoint assembly.

The assembly of our proxy should be able to be called by other partially trusted callers. So add AllowPartiallyTrustedCallers attribute in AssemblyInfo.cs

Add two classes, one is based on SPProxyOperation and another is based on SPProxyOperationArgs. The following is the code of my proxy.